Math 3704 Lecture Notes

Minhyong Kim, based on notes by Richard Hill October 13, 2008

Please let me ([email protected]) know of any misprints or mistakes that you find.

Contents

1 Introduction 2 1.1 Prerequisites for the course ...... 3 1.2 Course Books ...... 3

2 Background Material 3 2.1 Polynomial Rings ...... 3 2.1.1 Euclid’s Algorithm ...... 7 2.1.2 Ideals ...... 7 2.1.3 Quotient rings ...... 8 2.1.4 Homomorphisms of rings ...... 8 2.2 Field extensions ...... 9 2.3 Degrees of extensions ...... 11 2.4 Symmetric polynomials ...... 14 2.5 k-Homomorphisms * ...... 15 2.6 Splitting fields and Galois groups * ...... 16 2.7 Calculating Galois groups * ...... 17

3 Algebraic Number Fields 18 3.1 Field embeddings ...... 18 3.2 Norm, Trace and Discriminant ...... 20 3.3 Algebraic Integers ...... 23 3.4 Integral Bases ...... 25 3.5 Integral bases in quadratic fields ...... 27 3.6 Cubic fields ...... 28 3.7 More tricks for calculating integral bases ...... 32 3.8 More examples of integral bases ...... 33 3.9 Prime Cyclotomic Fields ...... 34

4 Factorization in ok 36 4.1 Units and irreducible elements in ok ...... 36 4.2 Prime ideals ...... 39 4.3 Uniqueness of Factorization into ideals ...... 41 4.4 Norms of ideals ...... 46 4.5 Norms of prime ideals ...... 48 4.6 Factorizing Ideals into Maximal Ideals ...... 51 4.7 The Class Group ...... 51 4.8 The Minkowski constant ...... 52 1 4.9 Geometry of numbers and Minkowski’s Lemma ...... 53 4.10 The Minkowski Space ...... 54 4.11 Calculating class groups ...... 57 4.12 Dirichlet’s Unit Theorem ...... 60

2 Lecture 1

1 Introduction

Three fields that occur in nature are Q, the field of rational numbers, the field R of real numbers, and the field C of complex numbers. The first field is eventually forced on you as you proceed through arithmetic operations on counting numbers. The latter two arise in describing rigorously the continuous objects of the universe, as well as the microscopic world. In spite of many outstanding problems in number theory, the internal structure of Q is in some sense well-motivated and clear. However, the construction of R and C are mysterious. These are extremely large objects comprising many layers of complexity that are constructed, in some sense, all at one go starting from the rationals. Eventually, there arises a need to bridge the enormous gap visible in the inclusion

Q ⊂ C.

One way to think about this issue is in terms of various intermediate objects

Q ⊂ F1 ⊂ F2 ⊂ · · · ⊂ C that we try to construct at a slower pace, keep track of various properties as we go. Many such interme- diate fields are of great interest, but a good starting point is to consider intermediate fields consisting of algebraic numbers. Algebraic numbers are special or even universal in that copies of these numbers exist inside any sufficiently rich number system wherein we can count naturally. A number α ∈ C is said to be algebraic if there is a non-zero polynomial f ∈ Q[X] such that f(α) = 0. An algebraic number field is a field of the form ½ ¾ f(α) Q(α) = : f, g ∈ Q[X], g(α) 6= 0 , g(α) i.e. the field generated by Q and α. For example √ √ Q( 2) = {x + y 2 : x, y ∈ Q}, √ √ √ Q( 3 2) = {x + y 3 2 + z 3 4 : x, y ∈ Q}. In any algebraic number field k there is a ring of algebraic integers o. An algebraic number is called an algebraic integer, if it is a zero of a monic polynomial with integer coefficients. Examples of these rings of algebraic integers are: √ √ Z[ 2] ⊂ Q( 2), where Z[α] = {f(α): f ∈ Z[X]}. The sort of questions that we’ll deal with in this course are: • Does the ring o have unique factorization? • Is o a principal ideal domain? • If o is not a principal ideal domain, then how far is it from being a principal ideal domain? • If p is a prime number, how does p factorize in o? For example in Z[i] we have 5 = (2 + i)(2 − i), but 7 does not factorize in Z[i]. √ √ √ √ • What are the units in o? For example in√ Z[ 2] we have ( 2 + 1)( 2 − 1) = 1, so 2 + 1 is a unit. On the other hand the only units in Z[ −5] are 1 and −1. 3 Instead of factorizing elements of o we shall factorize ideals. If o is a principal ideal domain then this is the same thing. We shall show that every ideal of o can be uniquely factorized into prime ideals of o. Therefore if o is a principal ideal domain then we have uniqueness of factorization of elements. If o is not a principal ideal domain then we can measure how far it is from being a principal ideal domain by calculating the class group:

Cl = {ideals}/{principal ideals}.

This turns out to be a finite group that measures the complexity of the field k and the ring o in pretty much the same way that the homology groups in algebraic topology measure the complexity of a space. A rather specific aim of the course is for you to be able to calculate this group for some simple algebraic number fields. Eventually, you should try to produce yourself fields of various complexity.

1.1 Prerequisites for the course Elementary linear algebra. Group theory and ring theory from MATH 7202, in particular ideals, quotient rings, polynomial rings over a field. A willingness to think flexibly with diverse mathematical notions.

1.2 Course Books There are many books on algebraic number theory. The one by Stewart and Tall listed on the syllabus is a rather elementary introduction intended to be user-friendly at the undergraduate level. There is a book by Ireland and Rosen ‘A classical invitation to modern number theory’ that attempts to reach a similar readership, but contains a more sophisticated viewpoint. A book called ‘Fermat’s Dream’ by Kazuya Kato et. al. adopts a highly inspirational approach emphasizing the role of zeta functions. ‘A course in arithmetic’ by J.-P. Serre deals with some rather sophisticated topics in a self-contained way. There is a set of online notes by James Milne available at www.jamesmilne.org that develops algebraic number theory in a fairly systematic manner at the post-graduate level.

2 Background Material 2.1 Polynomial Rings In this course all rings will be commutative rings with 1. Let k be a field. We shall write k[X] for the ring of polynomials in the variable X with coefficients in k. Recall that in any ring R there are three kinds of elements:

• The units; • The reducible elements; • The irreducible elements.

1 Proposition k[X] is an integral domain

Proof. Let f(X) and g(X) be non-zero. Then they have the form

n f(X) = a0 + a1X + ··· + anX and m g(X) = b0 + b1X + ··· + bmX with an 6= 0 and bm 6= 0. But then the highest term of f(X)g(X) is anbm 6= 0. So f(X)g(X) 6= 0. 2

4 We will frequently take a polynomial f(X) ∈ Z[X] and consider its reduction modulo p for a prime p. ¯ This is the polynomial f(X) ∈ Fp[X] obtained by reducing all the coefficients of f mod p. For example, if f(X) = 5X4 + 9X3 + 2X + 3, then for the prime 3, we have ¯ 4 f = [2]X + [2]X ∈ F3[X].

Here, we are writing [2] for the congruence class in F3 of 2. But much of the time, we will omit the square brackets when the context makes the reduction clear. Also, in the notation f¯, we will not indicate the prime p separately. It also will be indicated by the context. For any polynomial f(X) ∈ Q[X], we will denote by f1(X) ∈ Z[X] the unique constant multiple of f with the property that (1) f1 is primitive, that is, its coefficients are coprime. (2) Its leading coefficient is positive. One obtains f1(X) from f(X) by first multiplying f by an integer c so that cf(X) ∈ Z[X]. One then divides by the highest common factor r of the coefficients of cf to obtain (c/r)f(X) ∈ Z[X] primitive. One then multiplies (c/r)f by 1 or −1 in order to make its leading coefficient positive. For example, if f(X) = (−4)X2 + (2/3)X + 10, then one goes to (−12)X2 + 2X + 30 to −6X2 + X + 15 to 2 f1 = 6X − X − 15.

Exercise: Given f ∈ Q[X] show that f1(X) with the two properties above is unique. In the ring k[X] the units are the non-zero constant polynomials, i.e. the elements of k×. There are various ways of deciding whether elements of Q[X] are irreducible or not.

2 Gauss’ Lemma Suppose f ∈ Z[X] and assume that f is not constant. If f is irreducible as an element of Z[X] then f is irreducible as an element of Q[X].

Proof. Suppose f(X) = g(X)h(X) in Q[X]. We have g = ag1 and h = bh1 for some constants a, b ∈ Q, so that f(X) = abg1(X)h1(X).

Claim: g1(X)h1(X) is primitive. Suppose some p divided all the coefficients of g1(X)h1(X). Then ¯ g¯1(X)h1(X) = 0 ∈ Fp[X]. ¯ So eitherg ¯1(X) = 0 or h1(X) = 0. But then, p would divide all the coefficients of either g1 or h1, contrary to the fact that they are both primitive. This proves the claim. For each coefficient ci of g1h1, we must have abci ∈ Z, since f ∈ Z[X]. But by Bezout’s Lemma, there are integers ni so that X nici = 1. i Therefore, X X niabci = ab nici = ab ∈ Z. i i From this, we get a decomposition f = (abg1)(h1) in Z[X]. Therefore, either abg1 or h1 must be a unit in Z[X]. And hence, one of g or h must be a unit in Q[X]. 2 In fact, the proof shows: 5 3 Refined Gauss Lemma Suppose f(X) ∈ Z[X] and we can write f(X) = g(X)h(X) in Q[X]. Then there are constant multiples gZ of g and hZ of h such that gZ, hZ ∈ Z[X] and

f(X) = gZ(X)hZ(X).

4 Corollary Let f ∈ Z[X] have the form

n n−1 f(X) = anX + an−1X + ··· + a1X + a0

with an 6= 0. If r/s written in reduced form is a rational root of f(X), then r|a0 and s|an.

Proof. We have f(X) = (X − r/s)g(X) in Q[X]. Thus, there must be constant multiples a(X − r/s) and bg(X) in Z[X] such that

f(X) = a(X − r/s)bg(X).

Now, since aX − ar/s ∈ Z[X], we have a ∈ Z and ar/s ∈ Z. Since s is coprime to r, then we must have s|a. Since a is the leading term of aX − ar/s, it must divide the leading term of f, i.e., an. So s|an. Similarly, ar/s = (a/s)r must divide the constant term of f(X), i.e. a0. So r|a0. 2 This result is interesting from the perspective of the theory of Diophantine equations, i.e., finding integral or rational solutions to polynomial equations, say,

2X10 + 3Y 10 = 5Z10.

In general, procedures for finding rational solutions are rare. But this corollary says that for polynomials in one variable, there is a clear-cut algorithm.

5 Corollary Let f(X) ∈ Z[X] be a monic polynomial. If f(X) has a rational root a, then a ∈ Z and

f(X) = (X − a)g(X)

with g(X) ∈ Z[X].

Proof. An immediate consequence of the previous corollary and its proof. 2 If f is reducible in k[x], then f = gh for g, h of degree strictly less than deg f.A factorization of f will refer to any product expression f = f1f2 ··· fn

with at least two fi non-units of degree strictly less than deg f. Sometimes we speak of a proper factor- ization, or a non-trivial factorization, as opposed trivial factorizations where all but one fi are units.

6 Corollary Let f ∈ Z[X] be monic of degree 2 or 3. If f factorizes in Q[X], then f has a root in Z, which is a factor of the constant term of f.

Proof. A factorization of f would look like f = gh where both g and h have degree strictly less than f. But then, either g or h will have degree one, and f will have a rational root. Therefore, it will have an integral root. 2 Thus, to check irreducibility of monic f(X) of degree ≤ 3, we just need to evaluate f(a) for a ∈ Z dividing the constant term of f(X). 6 7 Example X3 + X + 1 is irreducible, since any root would have to be a factor of 1. Exercise: Generalize the previous corollary to f ∈ Z[x] of degree ≤ 3 that is not necessarily monic.

n 8 Eisenstein’s Criterion Let f(X) = a0 + a1X + ... + anX . If there is a prime number p such that • p divides all but the leading coefficient of f;

• p2 does not divide the constant coefficient of f; then f is irreducible.

9 Example X6 + 4X + 6 is irreducible, since it satisfies Eisenstein’s Criterion with the prime number 2.

¯ 10 Reduction modulo p Let f ∈ Z[X] and let p be a prime number. We shall write f ∈ Fp[X] for the reduction of f modulo p. Assume that f and f¯ have the same degree. If f¯ is an irreducible element of Fp[X] then f is irreducible over Q. (Note that in Fp[X] there are only finitely many possibilities for 4 3 4 3 factors since Fp is finite.) X +X +1 is irreducible, since X + X + 1 is irreducible in F2[X] (why?).

11 Change of Variable Let f ∈ Z[X] and let a ∈ Z. Then f(X) is irreducible iff f(X + a) is irreducible.

7 Lecture 2

2.1.1 Euclid’s Algorithm For f, g ∈ k[X] there is an highest common factor of f and g. This is the monic polynomial h of highest degree, which divides both f and g. If k also divides f and g then k is a factor of h. The highest common factor is calulated using the Euclidean algorithm: We divide f by g with remainder: f = qg + r, And then hcf(f, g) = hcf(g, r). Also hcf(f, 0) = f. For example take f(X) = X2 + 5X + 6, g(X) = X3 − 4X. etc

12 Definition Any ring with a Euclidean algorithm is called a Euclidean ring. For example Z and k[X] are Euclidean rings.

2.1.2 Ideals Let R be a ring. An ideal of R is a non-empty subset I ⊆ R such that: • if x, y ∈ I then x + y ∈ I; • if x ∈ I and λ ∈ R then λx ∈ I. For example define for x ∈ R: (x) = {λx : λ ∈ R}. ideals of this form are called principal ideals. More generally, nX o (x1, . . . , xn) = λixi

is the ideal generated by x1, . . . xn. It is often the case that two generators can be replaced by one, for example in Z (4, 6) = (2), (a, b) = (hcf(a, b)). so (4, 6) is a principle ideal. If every ideal of a ring R is principal then R is called a principal ideal domain.

13 Theorem E very Euclidean ring is a principal ideal domain.

Proof. Let I be an ideal and assume I 6= (0). Choose 0 6= x ∈ I of smallest possible degree. We show that every element of I is a multiple of x. Indeed if y ∈ I then by the Euclidean algorithm we can write y = qx + r, where r has smaller degree than x. It follows that r ∈ I so by choice of x we have r = 0. 2

14 Corollary k[X] and Z are principal ideal domains.

Proof. Both these rings have Euclidean algorithms. 2 An ideal I ⊆ R is a maximal ideal if • I 6= R; • If J is another ideal of R and I ⊆ J, then either J = I or J = R. Note that for principle ideals we have: (a) ⊆ (b) iff b|a. From this we obtain: 8 15 Proposition The maximal ideals of k[X] are of the form (p), where p is an irreducible polynomial.

2.1.3 Quotient rings 16 Definition Let I be an ideal of a ring R. We define R/I to be the set of additive cosets a + I of I in R. We make R/I into a ring by defining

(a + I) + (b + I) := (a + b) + I,

(a + I)(b + I) := (ab) + I,

17 Theorem Let R be a ring and let I be an ideal of R. Then I is maximal if and only if R/I is a field.

2.1.4 Homomorphisms of rings 18 Definition Let R and S be rings. A homomorphism from R to S is a function φ : R → S such that • φ(a + b) = φ(a) + φ(b), • φ(ab) = φ(a)φ(b), • φ(1) = 1.

19 Lemma The kernel of a ring homomorphism is an ideal.

Proof. Let x, y ∈ ker φ and λ ∈ R. We have φ(x) = φ(y) = 0. Therefore φ(x + y) = 0 + 0 = 0 and φ(λx) = φ(λ) × 0 = 0. This shows that x + y ∈ ker φ and λx ∈ ker φ. 2

20 Lemma If k is a field then {0} and k are the only two ideals of k.

Proof. Let I be a non-zero ideal and let x ∈ I be a non-zero element of I. Since x has an inverse in K, we have for any element y ∈ k, y = (yx−1)x ∈ I, so I = k. 2

21 Corollary Let k be a field and φ : k → R a ring homomorphism. Then φ is injective.

Proof. ker(φ) is an ideal of k, so is either 0 or k. Since φ(1) = 1, we have ker(φ) 6= k. Therefore ker(φ) = 0. 2

9 Lecture 3

2.2 Field extensions 22 Definition Let k ⊂ L be two fields. We call k a subfield of L, and L an extension of k. √ √ For example Q( 2) = {a + b 2 : a, b ∈ Q} is an extension of Q. On the other hand we have field extensions of the form k[X]/(f), where f is an irreducible polynomial. We’ll see that these two kinds of example are in fact the same.

23 Definition Let L be a field extension of k. An element α ∈ L is algebraic over k if there is a non-zero polynomial f ∈ k[X] such that f(α) = 0. If α is algebraic over k we define the ring generated by α over k:

k[α] = {f(α): f ∈ k[X]},

and the field generated by α: ½ ¾ f(α) k(α) = : f, g ∈ k[X], g(α 6= 0 . g(α)

So we have k ⊆ k[α] ⊆ k(α) ⊆ L. We also define I(α) = {f ∈ k[X]: f(α) = 0}.

24 Lemma I(α) is an ideal of k[X].

25 Definition By the minimal polynomial of α we shall mean the monic polynomial m such that I(α) = (m).

26 Lemma I(α) is maximal. Equivalently, m is irreducible.

Proof. Suppose m = ab. We have

a(α)b(α) = m(α) = 0.

therefore w.l.g. a(α) = 0. Hence a ∈ (m), so m|a. This implies deg m = deg a and b is a constant. Hence m is irreducible. 2

27 Lemma m is the minimal polynomial of α if and only if (m(α) = 0 and m is monic and irreducible).

Proof. One direction is already proved. Assume m is monic and irreducible and m(α) = 0. Then m ∈ I(α) so the real minimal polynomial must be a factor of m. Since m is irreducible, it is the minimal polynomial. 2

10 28 Theorem Let α be algebraic over k. Then k(α) = k[α] and there is an isomorphism of fields:

Φ: k[X]/(m) → k(α), f + (m) 7→ f(α).

Proof.

1. We first show that Φ is well defined. If f ≡ g mod I(α) then f − g ∈ I(α), so f(α) − g(α) = 0. Hence f(α) = g(α).

2. It is easy to check that Φ is a ring homomorphism. For example,

Φ(f + g + I(α)) = (f + g)(α) = f(α) + g(α) = Φ(f + I(α)) + Φ(g + I(α)).

Φ(fg + I(α)) = (f × g)(α) = f(α)g(α) = Φ(f + I(α))Φ(g + I(α)).

3. The image if Φ is clearly k[α].

4. Since I(α) is maximal, k[X]/I(α) is a field, so Φ must be injective.

5. Therefore Φ is an isomorphism between k[X]/I(α) and k[α].

6. Since k[X]/I(α) is a field, it follows that k[α] is a field, so in fact k(α) = k[α]. 2

11 Lecture 4

√ √ √ 29 Example Let α = 2 + 3. We have α2 = 5 + 2 6. Therefore (α2 − 5)2 − 24 = 0. Thus α is a zero of the polynomial m(X) = X4 − 10X2 + 1. To show that m is the minimal polynomial we need to show that it is irreducible. Any linear factor would have to be of the form X − a where ais a factor of 1 (by the Gauss Lemma). Since m(1) and m(−1) are non-zero, m has no linear factors over Q, so we just need to check for quadratic factors. Suppose

m(X) = (X2 + aX + b)(X2 + cX + d), a, b, c, d ∈ Z.

Equating coefficients we have

a + c = 0, ac + b + d = −10, ad + bc = 0, bd = 1.

For first and 4th equations give c = −a and b = d = ±1. Then the second equation gives a2 = 10 ± 2, which is impossible since neither 8 nor 12 is a square. The theorem gives an isomorphism

Q[X]/(X4 − 10X2 + 1) =∼ Q(α).

The isomorphism takes a + bX + cX2 + dX3 mod m to a + bα + cα2 + dα3.

2.3 Degrees of extensions 30 Definition Let L be an extension of k. We can think of L as just a vector space over k be forgetting how to multiply two elements of L together. The dimension of L as a vector space over k is called the degree of the extension. This is written [L : k].

31 Example C is a 2-dimensional vector space over R, so [C : R] = 2.

32 Example Let f ∈ k[X] be an irreducible polynomial of degree d. Then {1,X,...,Xd−1} is a basis for k[X]/(f). Therefore [k[X]/(f): k] = deg(f).

33 Example Let α be algebraic over k and let mα be its minimal polynomial over k. By the theorem, k(α) is isomorphic to k[X]/(m), so by the previous example we have

[k(α): k] = deg(mα).

34 Proposition α is algebraic over k if and only if [k(α): k] < ∞.

Proof. If α is algebraic over k then we’ve already proved this, since the degree of the extension is just the degree of it’s minimal polynomial, which is finite. Conversely, suppose that [k(α): k] = d < ∞. d Then the d + 1 vectors 1, α, . . . , α cannot be linearly dependent over k. Thus there exist λ0, . . . λd ∈ k P i not all zero such that λiα = 0. In other words α is algebraic over k. 2

12 35 Tower Theorem Suppose we have three fields k ⊂ L ⊂ M. Then [M : k] = [M : L][L : k].

Proof. Let {ai} be a basis for L over k and let {bj} be a basis for M over L. We’ll show that {aibj} is a basis for M over k. P (Spanning) Let v ∈ M. thenP we can find λj ∈ PL such that v = λjbj. Similarly for each λj we can find µi,j ∈ k such that λj = i µi,jai. Hence v = i,j µi,jPaibj. P (LinearP independence) Suppose we have µi,j ∈ k with i,j µi,jaibj = 0. Let λj = i µi,jai, so λj ∈ L and j λjbj = 0. Since {bj} is linearly independent over L, it follows that the λj are all 0. Then since {ai} is linearly independent over k, it follows that the µi,j are all 0. 2

36 Corollary Let L be a field extension of k and let Lalg be the set of elements of L, which are algebraic over k. Then Lalg is a field.

Proof. Let α, β be algebraic over k. Note that β is also algebraic over k(α). Therefore the degrees [k(α, β): k(α)] and [k(α): k] are both finite, so by the tower theorem [k(α, β): k] is finite. Let γ be one of the numbers α + β, αβ, α/β. Since γ ∈ k(α, β) it follows that [k(γ): k] is finite, and hence γ is algebraic over k. This shows that Lalg is closed under the field operations, so is a subfield of L. 2

37 Corollary The algebraic numbers form a subfield of C.

Proof. This is a special case of the previous corollary with k = Q and L = C. 2

13 Lecture 5 Here are two results about subfields of C.

38 Galois’ Separability Theorem Let k be a subfield of C and let f ∈ k[X] be irreducible. Then f Qd has no repeated roots in C, i.e. f(X) = i=1(X − αi) with αi ∈ C distinct.

Proof. Suppose α is a repeated root, so we have over C:

f(X) = (X − α)2g(X).

Then f 0(X) = 2(X − α)g(X) + (X − α)2g0(X). Hence f 0(α) = 0, so f 0 ∈ I(α). However, since f is irreducible, it is the minimal polynomial of α, so we’ve shown that f|f 0. This is impossible since f 0 has smaller degree than f. 2

0 39 Remark This proof fails in fields containing Fp, since in such fields f can be zero. For example the polynomial Xp − a has derivative 0 for any constant a.

40 Primitive element theorem Let L be a finite degree extension of k, and assume that k ⊂ L ⊂ C. Then there exists an element θ ∈ L such that L = k(θ). The generator θ ∈ L is called a primitive element. √ √ √ √ √ √ 41 Example The element 2 + 3 is primitive in Q( 2, 3). To see√ this,√ we note that 2 + 3 has 4 2 minimal polynomial X − 10X √+ 1,√ which has degree 4. Therefore [Q( 2 + 3) : Q] = 4. On the other hand by the tower theorem, [Q( 2, 3) : Q] ≤ 4.

Proof. We can certainly find α1, . . . αn ∈ L such that L = k(α1, . . . , αn), so it is sufficient to show that in any field extension of the form L = k(α, β) there is a primitive element. Let p be the minimal polynomial of α and let q be the minimal polynomial of β. Let α1, . . . , αn be the zeros of p (with α1 = α) and let β = β1, β2, . . . , βm be the zeros of q. The trick is to choose c ∈ k so that α + cβ 6= αi + cβj unless i = j = 1. This is possible since k is infinite and each of these equations has at most one solution. Now let θ = α + cβ; we’ll show that k(α, β) = k(θ). For this it’s sufficient to show that β ∈ k(θ). Define r ∈ k(θ)[X] by: r(X) = p(θ − cX).

We note that r(β) = p(α) = 0; furthermore, by our choice of c, r(βj) 6= 0 for j 6= 1. Thus β is the only common zero of q and r. Let m be the minimal polynomial of β over k(θ). Since q(β) = 0 we know that m|q. Similarly m|r. Hence any zero of m would be a common zero of q and r. We’ve shown that β is the only zero of m. By Galois’ Separability Theorem, m has no repeated roots, so m(X) = X − β. Thus β ∈ k(θ). 2

14 Lecture 6

2.4 Symmetric polynomials

42 Definition Let k be a field and let f ∈ k[X1,...,Xn]. Then f is called a symmetric polynomial if for all permutations σ ∈ Sn we have

f(Xσ(1),...,Xσ(n)) = f(X1,...,Xn).

43 Example For example X + Y , XY , X2 + 3XY + Y 2 are symmetric polynomials in 2 variables. The elementary symmetric polynomials are

s1 = X1 + ... + Xn, X s2 = XiXj 1≤i

n n−1 n f(X) = X − s1(α)X + ... + (−1) sn(α).

44 Newton’s Theorem The ring of symmetric polynomials is generated as a ring over k by the elementary symmetric polynomials.

Proof. The idea is to order the monimials lexicographically:

a1 an b1 bn X1 ··· Xn > X1 ··· Xn

iff a1 > b1 or a1 = b1 and a2 > b2 ... etc. We can therefore define the leading term of a polynomial in n variables. If f is symmetric then its leading term satisfies a1 ≥ a2 ≥ etc. There is also a monomial in the symmetric polynomials with the same leading term:

an an−1−an sn sn−1 .... After subtracting a multiple of this expression we obtain something with smaller leading term. The proof proceeds by induction. 2

15 45 Example Let f(X) = X3 + Y 3 + Z3. We have

X3 + Y 3 + Z3 = (X + Y + Z)3 −3(X2Y + Y 2Z + Z2X + XY 2 + YZ2 + ZX2) −6XYZ 3 = s1 −3((X + Y + Z)(XY + YZ + ZX) − 3XYZ)

−6s3 3 = s1 − 3(s1s2 − 3s3) − 6s3 3 = s1 − 3s1s2 + 3s3. So if α, β, γ are the zeros of the polynomial X3 + 3X2 + 6X + 15 then

α3 + β3 + γ3 = (−3)3 − 3(−3 × 6) + 3 × (−15) = −27 + 54 − 45 = −18.

46 Example Let ∆ = (α − β)2(β − γ)2(γ − α)2. We’ll express this in terms of

Σα = α + β + γ, Σαβ = αβ + βγ + γα, Πα = αβγ.

etc.

47 Example

x4 + y4 + z4 = (x + y + z)4 − 6(x2y2 + y2z2 + z2x2) −4(x3y + y3z + z3x + xy3 + yz3 + zx3) − 12(x2yz + xy2z + xyz2) 4 2 2 2 2 = s1 − 6((xy + yz + zx) − 2(x yz + xy z + xyz )) 2 2 2 2 2 2 −4((x + y + z )(xy + yz + zx) − (x yz + xy z + xyz )) − 12s1s3 4 2 = s1 − 6(s2 − 2s1s3) 2 −4(((x + y + z) − 2(xy + yz + zx))s2 − s1s3) − 12s1s3 4 2 = s1 − 6s2 + 12s1s3) 2 −4((s1 − 2s2)s2 − s1s3) − 12s1s3 4 2 2 2 = s1 − 6s2 − 4s1s2 + 8s2 + 4s1s3 4 2 2 = s1 − 4s1s2 + 2s2 + 4s1s3.

2.5 k-Homomorphisms * 48 Definition Suppose L and M are two field extensions of k.A k-homomorphism from L to M is a map φ : L → M such that • φ is a ring homomorphism; • if x ∈ k then φ(x) = x.

16 49 Example Let α be algebraic over k with minimal polynomial m. We’ve shown that there is an isomorphism k[X]/(m) =∼ k(α) which takes f + (m) to f(α). This is clearly a k-homomorphism.

50 Lemma Suppose φ : L → M is a k-homomorphism. Then for any polynomial f ∈ k[X] and any α ∈ L, f(φ(α)) = φ(f(α)).

51 Definition Let α, β be algebraic over k. Then α and β are said to be k-conjugate if they have the same minimal polynomial over k.

52 Corollary Suppose φ : L → M is a k-homomorphism. Then for any α ∈ L, φ(α) is k-conjugate to α.

53 Corollary Let φ : k(α1, . . . , αn) → L be a k-homomorphism. Then φ is determined by the values φ(α1), . . . , φ(αn).

2.6 Splitting fields and Galois groups *

54 Definition Let k be a subfield of C and let f ∈ k[X] be any polynomial. Let α1, . . . , αn ∈ C be the zeros of f. By the splitting field of f we shall mean the field k(α1, . . . , αn).

55 Corollary Let k be a subfield of C and let L be a finite extension of k. Then there are exactly [L : k] k-homomorphisms from L to C.

56 Corollary Let k be a subfield of C and let L be a splitting field over k. Then there are exactly [L : k] k-automorphisms of L.

57 Definition Let L be a splitting field over k. The Galois group of L over k is the group of k- automorphisms of L. This is written Gal(L/k). So we have proved:

58 Main theorems of Galois Theory For any splitting field L over k we have Gal(L/k) = [L : k].

59 Definition If L is a field and G is a group of automorphisms of L then we define the fixed field of G by LG = {α ∈ L : ∀φ ∈ G, φ(α) = α}. Note that LG is a subfield of L, since if α and β are fixed by φ then so are α + β, αβ, α/β, etc.

17 60 Corollary If L is a splitting field over k then LGal(L/k) = k.

Proof. Let G = Gal(L : k). Every element of G fixes k, so

k ⊆ LG ⊆ L.

Furthermore L is a splitting field over LG (with the same polynomial as over k). By definition, every element of G fixes LG, so we have Gal(L/k) = Gal(L/LG). Hence by the main theorem of Galois theory,

[L : k] = [L : LG].

Hence by the tower theorem, [LG : k] = 1. 2

2.7 Calculating Galois groups * quadratic fields. cubic fields.

18 Lecture 7

3 Algebraic Number Fields 3.1 Field embeddings 61 Definition An algebraic number field is a finite degree extension of Q.

62 Remark By the primitive element theorem, every algebraic number field is of the form k = Q(α) for some algebraic number α. The degree of the extension is the degree of the minimal polynomial m of α. Furthermore k is isomorphic to Q[X]/(m). The isomorphism takes α to X + (m).

63 Definition If k is an algebraic number field then a field embedding is a homomorphism σ : k → C. Note that since k is a field, the field embeddings are all injective.

64 Lemma If σ : k → C is an embedding then for any x ∈ Q we have σ(x) = x.

65 Lemma If f ∈ Q[X] and σ : k → C is an embedding then for any x ∈ k we have f(σ(x)) = σ(f(x)).

P n Proof. Let f(X) = anX with an ∈ Q. Since σ is a ring homomorphism we have: ³X ´ n σ(f(x)) = σ anx X n = σ(an)σ(x) X n = anσ(x) = f(σ(x)).

2

66 Lemma If k = Q(α) and σ : k → C is an embedding then σ is determined by σ(α).

Proof. Let x ∈ k. We have x = g(α) for some g ∈ Q[X]. But then by the previous lemma, σ(x) = g(σ(α)). 2

67 Definition Two algebraic numbers α, β are Q-conjugate if they have the same minimal polynomial over Q.

68 Lemma If σ : k → C is an embedding then for any x ∈ k, σ(x) and x are Q-conjugate.

Proof. Let m be the minimal polynomial of x. Then m is irreducible over Q and m(σ(x)) = σ(m(x)) = σ(0) = 0. Therefore m is the minimal polynomial of σ(x). 2

19 69 Theorem Let d = [k : Q]. Then there are exactly d field embeddings σ1, . . . σd : k → C.

Proof. Let k = Q(α); let m be the minimal polynomial of α and let α1, . . . , αd ∈ C be the conjugates of α. For each conjugate αi there is at most one field embedding such that σ(α) = αi. We must prove that this field embedding actually exists. We construct it as the composition of the field isomorphisms which we already have: Q(α) → Q[X]/(m) → Q(αi) ⊂ C α 7→ X + (m) 7→ αi 2

√ √ 70 Example Let k = Q( 2) = {a + b 2 : a, b ∈ Q}. The two field embeddings are √ √ √ √ σ1(a + b 2) = a + b 2, σ2(a + b 2) = a − b 2.

71 Example Let k = Q(α) where α is a zero of m(X) = X3 + 2X + 2. Note that m is irredicuble by Eisenstein’s criterion, so [k : Q] = 3 and we have

k = {a + bα + cα2 : a, b, c ∈ Q}.

Let β, γ be the other two zeroes of f. The three field embeddings are

2 2 2 2 2 2 σ1(a + bα + cα ) = a + bα + cα , σ2(a + bα + cα ) = a + bβ + cβ , σ2(a + bα + cα ) = a + bγ + cγ .

20 Lecture 8

3.2 Norm, Trace and Discriminant

72 Definition Let k be an algebraic number field of degree d over Q and let σ1, . . . , σd be the field embeddings of k. For x ∈ k we define the norm and trace of x by Y X N(x) = σi(x), Tr(x) = σi(x).

From the definition, it appears that the norm and trace are simply complex numbers. However we have:

73 Proposition For x ∈ k, the norm and trace of x are in Q.

Proof. Let k = Q(α) and let α1, . . . , αd be the conjugates of α in C. We have x = g(α) for some g ∈ Q[X]. Therefore Y Y Y N(x) = σi(g(α)) = g(σi(α)) = g(αi).

This is clearly a symmetric polynomial in α1, . . . , αd, so is in Q. Similarly X Tr(x) = g(αi) ∈ Q.

2

74 Proposition N(xy) = N(x)N(y) and Tr(x + y) = Tr(x) + Tr(y).

Proof. easy. 2

√ 75 Example Let k = Q( 2). We have √ √ √ N(a + b 2) = (a + b 2)(a − b 2) = a2 − 2b2, √ √ √ Tr(a + b 2) = (a + b 2) + (a − b 2) = 2a.

76 Definition Let B be a basis for an algebraic number field k as a vector space over Q. The disriminant of B is defined to be d ∆(B) = det(Tr(bibj))i,j=1, B = {b1, . . . , bd} Since Tr takes rational values, the discriminant is always a rational number. Note that we have a bilinear form f : k × k → Q defined by f(v, w) = Tr(vw). We see that the discriminant of B is simply the determinant of the matrix of f with respect to B.

21 77 Proposition Let σ1, . . . , σd : k → C be the field embeddings of k. For any basis B = {b1, . . . , bd} we have: 2 ∆(B) = det(σi(bj)) .

t Proof. Let A = (σi(bj)). The i, j-entry of A A is given by X t (A A)i,j = σk(bi)σk(bj) = Tr(bibj). k

Therefore ∆B = det(AtA) = det(A)2. 2

√ 78 Example Let k = Q( 2). Then we have µ √ ¶ √ 1 2 ∆{1, 2} = det √ = 8. 1 − 2

79 Remark Note that we have a symmetric bilinear form f : k × k → Q defined by

f(v, w) = Tr(vw).

We see that the discriminant of B is simply the determinant of the matrix of f with respect to B.

P 80 Corollary If C is another basis and Λ is the transition matrix from B to C (i.e. ci = λi,jbj) then ∆(C) = det(Λ)2 · ∆(B).

Proof. This follows from the basis change formula for symmetric bilinear forms. 2

81 Vandermonde Determinants

 d−1 1 X1 ...X1  d−1 1 X2 ...X2  Y det . .  = (Xi − Xj). . .  . . i>j d−1 1 Xd ...Xd

Proof. By induction on n. If n = 1 then this is easy. Assume the result in the (n − 1) × (n − 1) case.

22 can do the following row and column operations:     d−1 d−1 d−1 0 X1 − Xd ...X1 − Xd 1 X1 ...X1 . .  . .  . .  det . .  = det . .  . .  d−1 d−1 d−1 0 Xd−1 − Xd ...Xd−1 − Xd 1 Xd ...Xd d−1 1 Xd ...Xd  d−1 d−1 X1 − Xd ...X1 − Xd d−1  . .  = (−1) det  . .  d−1 d−1 Xd−1 − Xd ...Xd−1 − Xd   1 X + X ...Xd−2 + ... + Xd−2 dY−1 1 d 1 d d−1 . .  = (−1) (Xi − Xd) det . .  i=1 d−2 d−2 1 Xd−1 + Xd ...Xd−1 + ... + Xd  d−2  d−1 1 X1 ...X1 Y . . = (Xd − Xi) det . . i=1 d−2 1 Xd−1 ...Xd−1 dY−1 Y = (Xd − Xi) (Xj − Xi) i=1 1≤i

82 Corollary Let k = Q(α) be an algebraic number field and let α1, . . . , αd be the conjugates of α. Then Y d−1 2 ∆{1, α, . . . , α } = (αi − αj) . i>j

Proof. By the proposition, we can see that the discriminant is a square of a Vandermonde determinant. 2

83 Corollary For any basis B, we have ∆B 6= 0.

Proof. This follows from the previous corollary in the case B = {1, α, . . . , αd−1}. The general case follows from the basis change formula. 2

23 Lecture 9

3.3 Algebraic Integers 84 Definition Let L be a field extension of Q. An element α ∈ L is called an algebraic integer if there is a monic polynomial f ∈ Z[X] such that f(α) = 0.

√ 85 Example 2 is an algebraic integer; the monic polynomial is X2 − 2.

86 Lemma α is an algebraic integer if and only if Z[α] is finitely generated as an abelian group.

Proof. Suppose α is an algebraic integer, and let f(α) = 0, where

n n−1 f(X) = X + an−1X + ... + a0, a0, . . . , ad−1 ∈ Z.

Clearly Z[α] is generated as a group by {αi : i ≥ 0}. We shall show that it is in fact generated by m−1 m m−1 {1, α, . . . , α }. To show this, it is sufficient to prove that for m ≥ n, we have α ∈ spanZ{1, α, . . . , α }. Since f(α) = 0, it follows that n n−1 α = −an−1α − ... − a0. Therefore m m−1 m−n m−1 α = −an−1α − ... − a0α ∈ spanZ{1, α, . . . , α }. Conversely, suppose Z[α] = spanZ{b1, . . . , bn}.

Each bi can be expanded in terms of α: NX−1 j bi = ai,jα , ai,j ∈ Z. j=0

N Since α ∈ Z[α], it can be expanded in terms of {b1, . . . , bn}: Xn N α = xibi, xi ∈ Z i=1 Substituting the previous equation, we have

Xn NX−1 N j α = xiai,jα . i=1 j=0 Rearranging this, we can see that α is a zero of a monic polynomial with integer coefficients. 2

87 Corollary Let L be any field containing Q. The algebraic integers in L form a subring of L. (i.e. they are closed under addition and multiplication).

Proof. Let α and β be algebraic integers, and assume

Z[α] = spanZ{g1, . . . gn}, Z[α] = spanZ{h1, . . . hm}. Then clearly every monomial is in the additive group generated by the products:

i j α β ∈ spanZ{gihj}. 24 Therefore Z[α, β] ⊂ spanZ{gihj}. It follows that Z[α, β] is a finitely generated additive group. Now suppose γ = αβ or α+β. Then we have Z[γ] ⊂ Z[α, β] so Z[γ] is also finitely generated. By the lemma it follows that γ is an algebraic integer. 2

88 Definition For an algebraic number field k, we shall write ok for the ring of algebraic integers in k.

89 Lemma Let α have minimal polynomial mα. Then α is an algebraic integer if and only if mα ∈ Z[X].

Proof. If mα has integer coefficients then clearly α is an algebraic integer. Conversely, assume f(α) = 0 for some monic polynomial f ∈ Z[X]. By definition, we have f ∈ I(α) = (mα). Therefore f = qmα for some q ∈ Q[X]. However by the Gauss Lemma, there is a constant c ∈ Q× such that both c × q and −1 c × mα have integer coefficients. Since both f and q are monic, it follows that q is monic. Hence both −1 c and c are integers, so c = ±1. This implies that mα ∈ Z[X]. 2 Using the lemma we easily determine whether an element is an algebraic integer or not.

90 Example oQ = Z. This follows because the minimal polynomial of a rational number α is always X − α.

91 Example Let k = Q(i) = {a + ib : a, b ∈ Q}. Suppose α = a + ib is an algebraic integer with b 6= 0. The minimal polynomial of α is

m(X) = (X − α)(X − α¯) = X2 − 2aX + (a2 + b2).

2 2 Therefore α ∈ ok if and only if both 2a and a + b are in Z. The only way this can happen is if both a and b are in Z. Hence ok = Z[i] = {a + ib : a, b ∈ Z}.

92 Corollary Let x ∈ ok. Then N(x), Tr(x) ∈ Z. If B is a basis for k over Q and B ⊂ ok then ∆(B) ∈ Z \{0}

Proof. The images σi(x) are conjugates of x so have the same minimal polynomial. By the lemma, they must also be algebraic integers. Since the algebraic integers in C form a ring, the norm and trace of x must also be algebraic integers. However the norm and trace are also rational numbers, and we have already seen that oQ = Z. This shows that the norms and traces of algebraic integers are integers. The discriminant of a basis of algebraic integers is therefore the determinant of a matrix of integers, so is also an integer. We have already proved that the discriminant is non-zero. 2

25 Lecture 10

3.4 Integral Bases

93 Definition Let B = {b1, . . . , bd} be a basis for k over Q. We shall cal B an integral basis if ( ) Xd ok = xibi : x1, . . . xd ∈ Z . i=1

94 Example {1} is an integral basis in Q.

95 Example {1, i} is an integral basis in Q(i). We’ll prove that integral bases always exist and describe an algorithm for calculating them.

96 Lemma For any α ∈ k there is an N ∈ N such that Nα ∈ ok.

Proof. Let m be the minimal polynomial of α, and suppose d = deg(m). Then N dm(X/N) is the minimal polynomial of Nα (Nα is a zero of this polynomial, and it is also monic and irreducible, so must d d−i be the minimal polynomial). The coefficients of N m(X/N) are N ai. We may choose N so that these rational numbers are all integers. 2

97 Corollary There is a basis B for k over Q such that B ⊂ ok.

Proof. Choose any basis and multiply the basis vectors by natural numbers to make them algebraic integers. 2

98 Theorem Let k be an algebraic number field. Then there is an integral basis of k. More precisely if B ⊂ ok is chosen so that |∆B| is as small as possible then B is an integral basis.

Proof. Since B ⊂ ok we clearly have spanZB ⊆ ok. Suppose B is not an integral basis, so there is an algebraic integer X θ = xibi, xi ∈ Q, with xi not all in Z. By subtracting a suitable algebraic integer we may assume that 0 ≤ xi < 1 for all i. Without loss of generality we assume that x1 6= 0. Now consider the new basis

C = {α, b2, . . . , bd}.

The transition matrix from B to C is   x1   x2 1    M = x3 1  .  . .   . ..  xd 1 26 Since det M = x1 6= 0 it follows that C genuinely is a basis. Now by the basis change formula for discriminants we have 2 ∆(C) = x1∆(B).

Since 0 < xi < 1 we have |∆C| < |∆B|. However C ⊂ ok, so this contradicts our choice of B. 2 By looking at the proof of this theorem we can find an algorithm for finding an integral basis.

1. Start with any basis B ⊂ o. 2. Calculate ∆(B) and let N be the largest natural number whose square divides ∆(B). 3. For each element of the form 1 X θ = a b , a ∈ {0,...,N − 1} not all 0, N i i i determine whether θ is an algebraic integer. If it is then replace one of the basis vectors by θ to get a new basis with discriminant of smaller absolute value, and go back to step 2.

4. If none of the θ are algebraic integers (or in N = 1) then B is an integral basis. √ 99 Example k = Q( −3).

27 Lecture 11

3.5 Integral bases in quadratic fields √ √ 1+ −3 We’ve seen that in Q(i) the basis {1, i} is an integral basis, whereas in Q( −3) the basis {1, 2 } is an integral basis. We’ll now describe a result which generalizes these two examples.

100 Definition An algebraic number field k is called a quadratic field if [k : Q] = 2. If k is a quadratic field then by the primitive element theorem we have k = Q(α), where α has minimal √ √ polynomial m(X) = X2 + bX + c, a, b ∈ Q. This means α = −b± b2−4c , so we have k = Q( b2 − 4c). √ 2 Therefore every quadratic field is of the form Q( x) with x ∈ Q× not a perfect square. Obviously for p √ y ∈ Q× we have Q( y2x) = Q( x) so we may also assume that x is a square-free integer. We therefore have: √ 101 Proposition If k is a quadratic field then k = Q( n) for some square-free n ∈ Z \{0, 1}. We can now describe an integral basis in each quadratic field. √ 102 Theorem Let n ∈ Z \{0, 1} be square-free and let k = Q( n). √ • If n 6≡ 1 mod 4 then {1, n} is an integral basis in k. n √ o 1+ n • If n ≡ 1 mod 4 then 1, 2 is an integral basis in k.

√ Proof. First suppose n 6≡ 1 mod 4. The basis B = {1, n} is contained in ok, and we have ∆(B) = 4n. Since n is square-free, we take N = 2 in the algorithm. We need to check that none of the elements: √ √ 1 n 1 + n , , 2 2 2

1 are algebraic integers. Clearly 2 ∈/ ok since oQ = Z. We have µ√ ¶ n −n N = . 2 4 √ n This is not an integer since n is square-free. Therefore 2 is not an algebraic integer. Finally µ √ ¶ 1 + n 1 − n N = . 2 4 √ 1+ n This is not an integer since n 6≡ 1 mod 4. Therefore 2 is not an algebraic integer. Hence B is an integral basis. √ ¡ ¢ 1+ n 1 2 n Next suppose n ≡ 1 mod 4 and let B = {1, α}, where α = 2 . We have α − 2 = 4 . Therefore α is a zero of the polynomial 1 − n X2 − X + . 4

Since n ≡ 1 mod 4 this has integer coefficients, so B ⊂ ok. On the other hand ∆(B) = n, which is square-free, so B must be an integral basis. 2

28 3.6 Cubic fields 103 Definition An algebraic number field k is called a cubic field if [k : Q] = 3. Let k = Q(α) be a cubic field, where α has minimal polynomial m(X) = X3 + aX2 + bX + c. We a a define the normalized cubic to be the polynomial m(X − 3 ). This is the minimal polynomial of θ = α+ 3 , and we clearly also have k = Q(θ). By multiplying θ by a suitable natural number we may ensure that it is an algebraic integer without changing the field which it generates. We therefore have:

104 Proposition If k is a cubic field then k = Q(α) for some element α with minimal polynomial

m(X) = X3 + aX + b, a, b ∈ Z.

To calculate an integral basis in a cubic field we will need the following result on discriminants.

105 Proposition Let k = Q(α) where α has minimal polynomial m(X) = X3 +aX +b a, b ∈ Q. Then

∆{1, α, α2} = −27b2 − 4a3.

The proof of this requires a general result on discriminants:

106 Theorem Let k = Q(α) be an algebraic number field with [k : Q] = d and let m be the minimal polynomial of α. Then d−1 d(d−1) 0 ∆{1, α, . . . , α } = (−1) 2 N(m (α)).

Proof. Let α1, . . . , αd ∈ C be the zeros of mα. Recall that the left hand side is the square of a Vandermonde determinant: Y Y d−1 2 d(d−1) ∆{1, α, . . . , α } = (αj − αi) = (−1) 2 (αi − αj). i

We shall now calculate the right hand side: We have Y 0 0 N(m (α)) = m (αi). i

On the other hand, Y m(X) = (X − αj), so X Y 0 m (X) = (X − αk). j k6=j

This implies Y 0 m (αi) = (αk − αi)). k:k6=i Therefore Y 0 N(m (α)) = (αk − αi). i,k:i6=k 2 29 Proof. We have m0(X) = 3X2 + a. Therefore ∆{1, α, α2} = −(3α2 + a)(3β2 + a)(3γ2 + a). When we expand this out we have:

−27(αβγ)2 − 9a(α2β2 + β2γ2 + γ2α2) − 3a2(α2 + β2 + γ2) − a3. Q We know that α + β + γ = 0, Σαβ = a and α = −b. This implies

α2β2γ2 = b2,

α2β2 + β2γ2 + γ2α2 = (Σαβ)2 − 2(Σα)(Πα) = a2, α2 + β2 + γ2 = (Σα)2 − 2Σαβ = −2a. Hence ∆ = −27b2 − 9a3 + 6a3 − a3 = −27b2 − 4a3. 2

30 Lecture 12

Proof of the Theorem. The polynomial m is irreducible over Q, but over k it factorizes (by the remainder theorem) as m(X) = (X − α)g(X), g ∈ k[X]. Furthermore over C it is a product of linear factors:

m(X) = (X − α1) ... (X − αd).

m(X) For each conjugate αi we have a field embedding σi : k ,→ C with σi(α) = αi. Since g(X) = X−α , we have σi(g) = gi in C[X], with m(X) Y gi(X) = = (X − αj). X − αi j6=i We shall now simply calculate the right hand side of the formula in the theorem. Differentiating m we have: m0(X) = g(X) + (X − α)g0(X), and hence m0(α) = g(α). Taking the norm of this we have:

Yd 0 N(m (α)) = σi(g(α)) i=1 Yd = gi(αi) i=1 Y = (αi − αj) i6=j Y = (αi − αj)(αj − αi) i

2

Proof of the Proposition. Let m(X) = X3 + aX + b factorize over C as (X − α)(X − β)(X − γ), so we have α + β + γ = 0, αβ + βγ + γα = a, αβγ = −b. On the other hand, by the theorem we have:

∆{1, α, α2} = −N(m0(α)).

We shall calculate the right hand side here by expressing N(m0(α)) in terms of the elementary symmetric

31 polynomials above. Clearly m0(X) = 3X2 + a and hence N(m0(α)) = (3α2 + a)(3β2 + a)(3γ2 + a) = 27α2β2γ2 +9a(α2β2 + β2γ2 + γ2α2) +3a2(α2 + β2 + γ2) +a3 = 27(αβγ)2 ¡ ¢ +9a (αβ + βγ + γα)2 − 2(αβγ2 + α2βγ + αβ2γ) ¡ ¢ +3a2 (α + β + γ)2 − 2(αβ + βγ + γα) +a3 = 27(αβγ)2 ¡ ¢ +9a (αβ + βγ + γα)2 − 2αβγ(α + β + γ) ¡ ¢ +3a2 (α + β + γ)2 − 2(αβ + βγ + γα) +a3 ¡ ¢ = 27b2 + 9a a2 + 3a2 (−2a) + a3 = 27b2 + 9a3 − 6a3 + a3 = 27b2 + 4a3. 2

107 Example m(X) = X3 + ....

108 Example m(X) = X3 + 2X + 2. This is irreducible by Eisenstein’s criterion with p = 2, so a root α generates a cubic field. Another corollary to the above theorem is:

109 Corollary Let k = Q(α) and let d = [k : Q]. The for any θ = α + x with x ∈ Q we have: ∆{1, α, . . . , αd−1} = ∆{1, θ, . . . , θd−1}.

Proof. Let mα be the minimal polynomial of α. Then the minimal polynomial of θ is

mθ(X) = mα(X − x). By the chain rule we have 0 0 mθ(X) = mα(X − x). Therefore 0 0 0 mθ(θ) = mα(θ − x) = mα(α). Hence by the theorem we have:

d(d−1) d−1 2 0 ∆{1, θ, . . . , θ } = (−1) N(mθ(θ)) d(d−1) 2 0 = (−1) N(mα(α)) = ∆{1, α, . . . , αd−1}. 2 32 Lecture 13

3.7 More tricks for calculating integral bases 1 P First trick Note that if there is an algebraic integer of the form N aibi with not all the ai divisible N by N, then for some prime factor p|N the coefficients ai are not all zero mod p . Hence the element 1 P 2 p aibi is an algebraic integer. It is therefore sufficient to check for each prime p with p |∆B that none of these elements are algebraic integers.

second trick Whan calculating norms and traces it s useful to note that

N(ab) = N(a)N(b), Tr(a + b) = Tr(a) + Tr(b). third trick This trick is an easy way of calculating the norms of certain elements.

110 Proposition Let k = Q(α) and let m be the minimal polynomial of α. Then for all x ∈ Q we have: N(x − α) = m(x).

Proof. easy. 2

d fourth trick Suppose mα satisfies Eisenstein’s criterion with the prime p. Then m(X) ≡ X mod p so we have m0(X) ≡ dXd−1 mod p. This implies

0 d−1 N(m (α)) ≡ N(dα ) mod p in oC.

Since both sides of this equation are in Z we have

N(m0(α)) ≡ N(dαd−1) mod p in Z.

Furthermore N(α) is a multiple of p so we have

N(m0(α)) ≡ 0 mod p.

Hence p is a factor of ∆{1, α, . . . , αd−1}. However the next theorem tells us that we will never need to worry about this factor when calculating an integral basis.

111 Theorem Let k = Q(α); let d = [k : Q] and assume that mα satisfies Eisenstein’s Criterion with the prime p. Let 1 Xd−1 θ = a αi, a ∈ {0, . . . , p − 1} not all 0. p i i i=0 Then θ is not an algebraic integer.

Proof. Suppose θ ∈ ok and let an be the first non-zero coefficient. We therefore have:

1 Xd−1 θ = a αi ∈ o . p i k i=n

33 We can write this as 1 ¡ ¢ θ = a αn + αn+1δ , δ ∈ o . p n k d−1−n Multiplying through by α we still have an element of ok:

a αd−1 αdδ αd−1−nθ = n + ∈ o . p p k On the other hand since m satisfies Eisenstein’s criterion we have

αd = pg(α), g ∈ Z[X].

It follows that a αd−1 n + g(α)δ ∈ o . p k

On the other hand since g(α)δ ∈ ok we have

a αd−1 n ∈ o . p k We shall calculate the norm of this to get a contradiction: µ ¶ a αd−1 ad N(α)d−1 N n = n . p pd

By Eisenstein’s criterion the constant coefficient of m is divisible by p but not by p2 Therefore N(α) = pr, where p 6 |r, and we have µ ¶ a αd−1 ad pd−1rd−1 ad rd−1 N n = n = n . p pd p

However this cannot be an integer, since neither an nor r is a multiple of p. This gives the contradiction. 2

3.8 More examples of integral bases Now that we know more tricks we can calculate integral bases much more easily. some cubic fields. X3 − 2. Xp − p.

34 Lecture 14

3.9 Prime Cyclotomic Fields 112 Definition Let n ∈ Z. A number ζ is called an n-th root of unity of ζn = 1. If there is no 1 ≤ r < n with ζr = 1 then ζ is called a primitive n-th root of unity. 2πi For example exp( n ) is a primitive n-th root of unity.

113 Remark Roots of unity are always algebraic integers since they are zeros of the polynomial Xn −1.

114 Remark The polynomials Xn − 1 are not irreducible, so are not the minimal polynomials of ζ. For example X − 1 is always a factor. More generally if r|n then Xr − 1 is a factor. We shall concentrate on the case n = p for some prime number p ≥ 3. Let ζ be a primitive p-th root of unity, and for convenience we let λ = ζ − 1.

115 Proposition The minimal polynomial of ζ is Xp − 1 m (X) = = 1 + X + ... + Xp−1. ζ X − 1 Equivalently the minimal polynomial of λ is p µ ¶ (X + 1)p − 1 X p m (X) = = Xi−1. λ X i i=1

Proof. It is sufficient to check that mλ is irreducible. This follows from the next result: 2

116 Lemma mλ satisfies Eisenstein’s criterion with the prime number p.

p! Proof. The coefficients are i!(p−i)! with 1 ≤ i ≤ p. Clearly the leading coefficient is 1 and the constant coefficient is p. For the other coefficients we have 2 ≤ i ≤ p − 1. The denominator of the coefficient is coprime to p and the numerator is a multiple of p; hence the coefficient is a multiple of p. 2 Now consider the field k = Q(ζ) = Q(λ). This is called the prime cyclotomic field. From the minimal polynomials of ζ and λ we have:

117 Proposition Let k = Q(ζ) = Q(λ) be the prime cyclotomic field for an odd prime p. • [k : Q] = p − 1. • N(ζ) = 1. • N(λ) = p.

Proof.

• The degree of mζ is clearly p − 1.

• The constant term of mζ is 1 and the degree is even.

• The constant coefficient of mλ is p and it’s degree is even. 2 35 118 Theorem We have

p−2 p−2 p−1 p−2 ∆{1, λ, . . . , λ } = ∆{1, ζ, . . . , ζ } = (−1) 2 p .

Furthermore {1, λ, . . . , λp−2} is an integral basis in k. Hence

ok = Z[λ] = Z[ζ].

Proof. We have by earlier theorems:

(p−1)(p−2) p−2 p−2 2 0 ∆{1, λ, . . . , λ } = ∆{1, ζ, . . . , ζ } = (−1) N(mζ (ζ)).

(p−1)(p−2) p−1 p 2 2 X −1 Since p is odd, we have (−1) = (−1) . Furthermore, since mζ (X) = X−1 , we have

pXp−1(X − 1) − (Xp − 1) m0 (X) = . ζ (X − 1)2

Therefore pζp−1(ζ − 1) − (ζp − 1) pζp−1 m0 (ζ) = = . ζ (ζ − 1)2 λ Hence pp−1N(ζ)p−1 N(m0 (ζ)) = = pp−2. ζ N(λ) The only prime whose square divides this is p. However the minimal polynomial of λ satisfies Eisenstein’s criterion at that prime. 2

119 Remark If n is not prime and k = Q(ζ), then it is still true that ok = Z[ζ]; however the proof is harder. The degree of the extension is given by

[k : Q] = #(Z/n)×.

This is the same as the number of primitive n-th roots of unity in k, since these are of the form ζa with a a coprime to n. If n = p for some prime p, then mλ still satisfies Eisenstein’s criterion for the prime p, i and we again use this fact to prove that {λ } is an integral basis. If n is not a power of a prime then mλ does’t satisfy Eisenstein’s criterion, so the proof is quite different in this case.

36 Lecture 15

4 Factorization in ok

4.1 Units and irreducible elements in ok Recall that in any commutative ring R with 1 there are three kinds of element:

• an element x ∈ R is called a unit if there exists an x−1 ∈ R such that xx−1 = 1;

• an element x ∈ R is called reducible if there is a factorization x = yz with neither y nor z a unit;

• an element x ∈ R is called irreducible if it is neither a unit nor reducible.

120 Proposition Let x ∈ ok. Then x is a unit if and only if N(x) = ±1.

121 Proposition Let x ∈ ok. If N(x) = ±p for a prime number p then x is irreducible. Note that the converse to this is false. For example 3 is irreducible in Z[i], but N(3) = 9. To see that 3 is irreducible we have to show that there is no element with norm ±3. The norm of a general element of Z[i] is given by N(x + iy) = x2 + y2, and this is clearly never ±3 for x, y ∈ Z.

× 122 Theorem Let x ∈ o \{0}. Then there is a unit u ∈ o and irreducible elements p1, . . . , pr such that x = up1 . . . pr.

Proof. By induction on |N(x)|. If |N(x)| = 1 then x is a unit. Assume the theorem is true for elements y with |N(y)| < |N(x)|. If x is irreducible then the theorem is true for x. If x is reducible then x = yz and |N(y)|, |N(z)| < |N(x)|. Hence both y and z can be factorized into irreducibles; therefore so can x. 2

123 Definition We say that a ring has unique factorization if whenever

p1 . . . pr = q1 . . . qs, pi, qi irreducible,

we always have r = s and (after reordering) there are units u1, . . . , ur such that pi = uiqi for i = 1, . . . r.

124 Example The rings Z and k[X] have unique factorization.

One of the main difficulties in algebraic number theory is that fact that ok does not usually have unique factorization.

37 √ √ 125 Example Let k = Q( −10), so ok = Z[ −10]. We have two different factorizations of the number 10: √ √ 10 = 2 × 5 = − −10 × −10. √ Furthermore the elements 2, 5 and −10 are all irreducible. To see this we calculate their norms: √ N(2) = 4,N(5) = 25,N( −10) = 10. The norm of a general element of the ring is √ N(x + y −10) = x2 + 10y2. Since this is never equal to ±2 or ±5, it follows that the above elements are irreducible, and none of them is a unit multiple of another. Therefore ok does not have unique factorization. To get around this problem, we introduce the idea of factorization of ideals, to generalize factorization of elements.

126 Definition Let I and J be ideals of a commutative ring R with 1. We define the product ideal I × J by I × J = (xy : x ∈ I, y ∈ J) . I.e. I × J is the ideal generated by products of elements of I by elements of J.

127 Example For principal ideals we have (x)(y) = (xy). More generally, (a, b)(c, d) = (ac, ad, bc, bd).

Later in the course, we shall prove the following theorem, which takes the place of uniqueness of factorization of elements:

128 Theorem Let I ⊂ ok be a non-zero ideal. Then there are maximal ideals p1,..., pr of ok such that I = p1 ... pr. Furthermore this factorization is unique up to reordering. √ We now return to the above example in Z[ −10]. Consider the ideals √ √ p = (2, −10), q = (5, −10). We have √ √ pq = (2, −10)(5, −10) √ √ = (10, 2 −10, 5 −10, −10) √ √ √ = (10, 2 −10, 5 −10, −10, −10) √ = ( −10) √ √ p2 = (2, −10)(2, −10) √ = (4, 2 −10, −10) √ = (4, 2 −10, −10, 2) = (2) √ √ q2 = (5, −10)(5, −10) √ = (25, 5 −10, −10) √ = (25, 5 −10, −10, 5) = (5). 38 So our two distinct factorizations into elements can both be refined to the same factorization into ideals: √ (10) = (2) × (5) = p2q2, (10) = ( −10)2 = (pq)2.

To understand the factorization of elements, as opposed to ideals, we need to find out which ideals are principal are which are not. For this purpose we define the class group of k to be the group

Clk = Ik/Pk, where Ik is the ideals of k, and Pk is the principal ideals. (In fact these are semi-groups, although the quotient is a group.) We shall prove that this is always a finite group, and calculate it in a lot of examples. If Clk is trivial then ok is a principal ideal domain, and has unique factorization.

39 Lecture 16

4.2 Prime ideals 129 Definition Let R be a commutative ring with 1. An ideal p ⊂ R is called a prime ideal if p 6= R and for x, y ∈ R, xy ∈ p ⇒ (x ∈ p or y ∈ p).

130 Definition A ring R is called an integral domain if it staisfies the condition

xy = 0 ⇒ (x = 0 or y = 0).

In other words (0) is a prime ideal.

131 Example If k is a field then certainly k is an integral domain. More generally subrings of fields are integral domains. In fact the converse is also true: every integral domain is a subring of a field.

132 Lemma p is prime if and only if R/p is an integral domain.

133 Corollary Every maximal ideal is prime.

Proof. Every field is an integral domain. 2

134 Remark The converse to this is false. For example if R is an integral domain but not a field, then (0) is a prime ideal but is not maximal.

135 Proposition Every finite integral domain is a field.

Proof. Let x ∈ R \{0}. We have to show that x has an inverse in R. The numbers x, x2,... cannot all be different, since R is finite. Therefore there exist n > m ≥ 0 such that

xn = xm.

This implies xm(xa − 1) = 0, a = n − m ≥ 1. Since R is an integral domain and x 6= 0, it follows that xa − 1 = 0. Hence xa = 1, so xa−1 is the inverse of x. 2

136 Proposition If I ⊂ ok is a non-zero ideal then o/I is finite.

Proof. Let x ∈ I \{0}. Clearly N(x) = xy for some other algebraic integer y, so we have N(x) ∈ I. Let n = |N(x)|. It follows that (n) ⊂ I, so it is sufficient to show that ok/(n) is finite. However

#o/(n) = #Zd/nZd = nd.

2

40 137 Corollary Every non-zero prime ideal of ok is maximal. Now let R be a commutative ring with 1. Recall that for two ideals I,J ⊆ R, we defined the product:

IJ = (xy : x ∈ I, y = inJ) .

For principal ideals this corresponds to multiplying the generators:

(x)(y) = (xy).

138 Lemma Let p be an ideal of R. Then p is prime if and only if for all ideals I,J ⊂ R

IJ ⊆ p ⇒ (I ⊆ p or J ⊆ p).

Proof. Assume p is prime and suppose IJ ⊆ p. We’ll assume that I 6⊆ p and prove that J ⊆ p. Let x ∈ I \ p. For every y ∈ J we have xy ∈ AB. Therefore xy ∈ p. Since x 6∈ p and p is prime, it follows that y ∈ p. Hence J ⊆ p. Now assume p satisfies the condition and suppose xy ∈ p. This implies (xy) ⊆ p. Therefore (x)(y) ⊆ p. By the assumption, we have (x) ⊆ p or (y) ⊆ p. This implies x ∈ p or y ∈ p. 2

41 Lecture 17

4.3 Uniqueness of Factorization into ideals 139 Definition A ring R is called a Noetherian ring if it satisfies the following condition (called the ascending chain condition): For every ascending sequence of ideals of R:

I1 ⊆ I2 ⊆ ..., there is an N ∈ N such that IN = IN+1 = IN+1 = ....

140 Definition For a non-zero ideal I ⊆ ok, we define the norm of I by

N(I) = |ok/I|.

Recall that this is always a finite number.

141 Lemma ok is Noetherian.

Proof. If we have a sequence of ideals

I1 ⊆ I2 ⊆ ..., then by the isomorphism theorem, we have an isomorphism of additive groups: ∼ o/I2 = (o/I1)/(I2/I1).

Hence N(I2) = N(I1)/|I2/I1|.

It follows that N(I2) < N(I1) with equality if and only if I2 = I1. Hence we have a decreasing sequence of natural numbers: N(I1) ≥ N(I2) ≥ .... Clearly there is an N such that N(IN ) = N(IN+1) = ....

Hence IN = IN+1 = .... 2 If R is a Noetherian ring then there is a strategy for provong results about ideals of R as follows: assume that the result if false. and suppose I1 is a counterexample. We call I1 a maximal counterexample if every ideal containing I1 satisfies the theorem. If I1 is not a maximal counterexample then choose a bigger counterexample I2. If I2 is not a maximal counterexample then choose a bigger counterexample I3 etc. In this way we obtain a sequence of ideals which must end in a maximal counterexample. So we may always assume that if a theorem about ideals is false then there is a maximal counterexample. An example of this method is the following:

42 142 Lemma Let I ⊆ ok be a non-zero ideal. Then there are maximal ideals p1,..., pr such that

p1 ··· pr ⊆ I.

Proof. Suppose not and let I be a maximal counterexample. Clearly I is not a maximal ideal. Since I is non-zero, we know that I is not prime. Therefore there are ideals A, B such that AB ⊂ I but neither A nor B is a subset of I. By replacing A and B by (A, I) and (B,I), we may assume that A and B both contain I. By the maximality of our counterexample, it follows that we can find maximal ideals p1,..., pr and q1,..., qs such that

p1 ··· pr ⊆ A, q1 ··· qs ⊆ B.

Hence p1 ··· prq1 ··· qs ⊆ AB ⊆ I. 2

143 Lemma Let I be a non-zero ideal of ok. If x ∈ k satisfies xI ⊂ I then x ∈ ok.

Proof. Since I ⊂ ok it follows that I is finitely generated as an abelian group. Let

I = spanZ{b1, . . . , br}.

Multiplication by x takes I to I, so we have X xbi = ai,jbj, ai,j ∈ Z. j

Hence   b1  .  (A − xIr)  .  = 0,A = (ai,j). br This means that x is an eigenvalue of A, so is an algebraic integer. 2

144 Definition A fractional ideal of ok is a non-empty subset I ⊂ k such that • I is closed under addition.

• if x ∈ ok and y ∈ I then xy ∈ I.

• There exists a non-zero n ∈ N such that nI ⊂ ok.

We shall write Ik for the set of non-zero fractional ideals of ok. We can define multiplication of fractional ideals in exactly the same was as for ideals. This is clearly associative, and ok = (1) is an identity element. We shall show that Ik is a group by proving that every element has an inverse.

145 Lemma N(I) ∈ I.

Proof. This follows by Lagrange’s theorem on the additive group o/I. 2

43 146 Lemma Let I be a non-zero ideal and define

−1 I = {x ∈ k : xI ⊆ ok}.

Then I−1 is a fractional ideal.

−1 Proof. The first two conditions are easy to check. If x ∈ I then xI ⊂ ok, so the third condition is also true with n = N(I). 2

44 Lecture 18 Note that if I ⊆ J then J −1 ⊆ I−1. Hence for any ideal I we have o ⊆ I−1

−1 147 Lemma If I ⊂ ok and I 6= o then I 6= ok.

Proof. It’s sufficient to prove this for maximal ideals p. Obviously p−1 ⊇ o so we need to show that p−1 6= o. Let a ∈ p \{0}, and suppose (a) ⊇ p1 ··· pr with r as small as possible and pi all prime. Hence p ⊇ p1 ··· pr. It follows that p ⊃ pi for some i. Since pi is maximal, we know that in fact p = pi. Without loss of generality i = 1. Now (a) 6⊇ p2 ··· pr (by minimality of r), so we can choose a b ∈ p2 ··· pr \ (a). b −1 We’ll show that a ∈ p \ o. b b −1 First note that (b)p ⊂ p1 ··· pr ⊂ (a). Hence a p ⊂ o. This shows that a ∈ p . Note also that b∈ / (a). b This shows that a ∈/ o. 2

148 Lemma If p is a maximal ideal of o then p−1p = o.

Proof. Clearly p−1p ⊂ o (by definition of p−1). Therefore p−1p is an (integral) ideal. On the other hand, since o ⊂ p−1 it follows that p ⊆ p−1p. By maximality of p we have either p−1p = o or p−1p = p. If the latter is the case then by an earlier lemma, we have p−1 ⊂ o, but this contradicts the previous lemma. 2

149 Theorem Let I be a non-zero ideal of o. Then there are maximal ideals p1,..., pr unique up to reordering, such that I = p1 ··· pr.

Proof. (existence): Suppose not, and let I be a maximal counterexample. Clearly I is not maximal, and hence not prime. On the other hand I is contained in some maximal ideal p. We have

I ⊂ p−1I ⊂ p−1p = o.

Hence p−1I is an (integral) ideal containing I. Furthermore, p−1I 6= I, since otherwise we would have p−1 ⊂ o. It follows that p−1I can be factorized into prime ideals:

−1 p I = p1 ··· pr.

Hence by the previous lemma, I = pp1 ··· pr. (uniqueness): Suppose p1 ··· pr = q1 ··· qs.

Clearly p1 ··· pr ⊆ q1. Since q1 is prime it follows that pi ⊂ q1 for some i. After reordering we may −1 assume i = 1. By maximality of p1 we have p1 = q1. Multiplying both sides by p we have

p2 ··· pr = q2 ··· qs.

We proceed by induction. 2

45 150 Theorem Ik is a group with the operation of multiplication of fractional ideals.

Proof. Multiplication is clearly associative and o is the identity element. We just have to show that every element has an inverse. Let I be a fractional ideal. There is an x ∈ ok such that (x)I is an ideal. By the previous theorem we have xI = p1 ··· pr for some maximal ideals p1,..., pr. Hence

−1 −1 −1 I = (x)p1 ··· pr . 2

151 Definition Let I,J be ideals of o. We’ll say that I is a factor of J (and write I|J) if there is an ideal I0 such that J = II0.

152 Corollary I|J if and only if I ⊇ J.

Proof. If J = II0, then it’s clear that J ⊂ I. Conversely suppose that J ⊂ I. There is certainly a fractional ideal I0 such that J = II0. Since I0I = J ⊆ I it follows that I0 ⊂ o, so I0 is an ideal. 2

46 Lecture 19

4.4 Norms of ideals 153 Theorem For any two ideals I,J ⊂ o we have N(IJ) = N(I)N(J).

Proof. Since J may be factorized into maximal ideals, it is sufficient to prove this in the case J = p is maximal. We an isomorphism of additive groups:

o/I =∼ (o/Ip)/(I/Ip).

Hence N(I) = N(Ip)/|I/Ip|. It is therefore sufficient to show that N(p) = |I/Ip|. Choose a ∈ I \ Ip and consider the map

Φ: o → I/Ip, Φ(x) = ax + Ip.

Since p is maximal, there are no ideals between I and Ip. Hence I is generated by a and Ip. For this it follows that Φ is surjective. On the other hand if x ∈ p then ax ∈ Ip, so Φ(x) = 0 + Ip. This shows that p ⊂ ker Φ. Since p is maximal, the kernel is either p or o. However Φ(1) = a + Ip 6= 0 + Ip, so ker Φ = p. Hence by the first isomorphism theorem, there is an isomorphism of additive groups

o/p =∼ I/Ip.

Hence N(p) = |I/Ip|. 2

154 Remark Suppose σ : k → k is a field homomorphism. Clearly σ takes o to o and takes ideals to ideals. It follows that if I is an ideal then

N(σI) = |o/σI| = |σo/σI| = N(I).

For example √ √ N(2, 1 + 3) = N(2, 1 − 3).

Hence √ √ √ N(2, 1 + 3)2 = N(4, 2 + 2 3, 2 − 2 3, −2) = N((2)) = 4. We can often use this method to calculate norms. Now note the following theorem proved in another course:

d d d 155 Theorem Let H be a subgroup of Z such that |Z /H| < ∞. Then there exist c1, . . . , cd ∈ Z linearly independent such that H = spanZ{c1, . . . , cd}. d Furthermore |Z /H| = | det(c1, . . . , cd)|. We’ll use this to prove:

47 156 Proposition Let I be a non-zero ideal and assume

I = spanZ{c1, . . . , cd}.

Assume also that B is an integral basis. Then r ∆C N(I) = . ∆B

Proof. The theorem implies that the ci exist. Let M be the transition matrix from B to B. By the theorem, N(I) = |o/I| = | det M|. On the other hand ∆C = det M 2∆B. 2

157 Corollary N((a)) = |N(a)|.

Proof. Let B be an integral basis. Then (a) = spanZaB. We have

2 2 2 2 ∆aB = det(σi(abj)) = N(a) det(σi(bj)) = N(a) ∆B.

The result now follows from the previous proposition. 2

158 Lemma N(I) ∈ I.

Proof. This follows from Lagrange’s theorem applied to the additive group o/I. 2

159 Corollary There are only finitely many ideals with a given norm.

Proof. If N(I) = n then I|(n). However by uniqueness of factorization, n has only finitely many factors. 2

48 Lecture 20

4.5 Norms of prime ideals 160 Proposition Let R ⊂ S be commutative rings with 1 and let p be a prime ideal of S. Then p ∩ R is a prime ideal of R.

Proof. This is obvious from the definition. 2

161 Definition Hence for any prime ideal p ⊂ o, the ideal p ∩ Z is a prime ideal of Z, and is therefore of the form (p) for some prime number p. We say that p lies above p and write p|p. If p lies above p then p ∈ p. Hence p|(p) as ideals of o. Therefore to find the maximal ideals of o we simply have to factorize ideals generated by prime numbers.

162 Proposition If N(p) is prime then p is prime.

Proof. This follows because norm is multiplicative. 2

163 Proposition If p is prime then N(p) = pr for some prime number p and some 1 ≤ r ≤ d = [k : Q].

Proof. If p lies above p then p ∈ p. Hence (p) ⊆ p, so p|(p). Therefore N(p)|N((p)) = pd. 2

164 Dedekind’s Prime Factorization Theorem Suppose ok = Z[α] for some element α. Let f ∈ Z[X] be the minimal polynomial of α. Let p be a prime number and suppose f factorizes over Fp[X] as e1 er f ≡ f1 ··· fr mod p,

with fi monic and irreducible, and fi 6= fj unless i = j. Then the ideal (p) in ok factorizes as

e1 er (p) = p1 ··· pr , pi = (p, fi(α)).

deg fi Each ideal pi is maximal and has norm p . If i 6= j then pi 6= pj.

165 Remark The condition o = Z[α] is equivalent to saying that {1, α, . . . , αd−1} is an integral basis. There is not always such an α, but often there is in the examples which we’ve seen. The theorem can be modified in the case where no such α exists.

Proof. First note that since o = Z[α], we have an isomorphism

o ≡ Z[X]/(m), α 7→ X + (m).

This implies that there is an isomorphism

o/pi ≡ Z[X]/(m, p, mi) ≡ Fp[X]/(m, mi) ≡ Fp[X]/(mi).

Since mi is irreducible in Fp[X], it follows that (mi) is a maximal ideal in Fp[X]. Hence Fp[X]/(mi) is a field. On the other hand this implies that o/pi is a field, so pi is a maximal ideal of o. [Fp[X]/(mi):Fp] deg mi The norm of p is the number of elements of Fp[X]/(mi). This is equal to p = p .

49 Next note that à ! Yr Yr ei ei pi ⊆ p, mi(α) . i=1 i=1 On the other have Yr ei mi(α) ≡ m(α) ≡ 0 mod p, i=1 so we have Yr ei pi ⊆ (p). i=1 To prove that we have equality here, it is sufficient to prove that both sides of the equation have the same norm. This is true since à ! Yr Yr ei ei N pi = N(pi) i=1 i=1 Yr = pei deg mi i=1 P r e deg m = p i=1 i i Q deg r mei = p ( i=1 i ) = pdeg m = p[k:Q] = N((p)).

It remains to show that the maximal ideals pi are distinct. Suppose pi = pj. Then we have mi(α) ≡ ∼ 0 mod pj. Using the above isomorphism o/pj = Fp[X]/(mj), this implies in Fp[X]:

mi(X) ≡ 0 mod (mj(X)).

Hence mj|mi in Fp[X]. Since mi and mj are monic and irreducible, this implies mi = mj, and hence i = j. 2

√ √ 2 166 Example Let k = Q( 6). We have ok = Z[ 6], f(X) = X − 6. Here are some values of f:

Table 1: default X X2 − 6 0 -6 ±1 -5 ±2 -2 ±3 3 ±4 10 ±5 19

From the table we see that f factorizes modulo small primes as X2 − 6 ≡ X2 mod 2 ≡ X2 mod 3 ≡ (X + 1)(X − 1) mod 5 ≡ X2 − 6 mod 7 ≡ X2 − 6 mod 11. 50 Therefore the small primes factorize in ok as follows: √ (2) = p2, p = (2, 6), 2 2 √ (3) = p2, p = (3, 6), 3 3 √ √ 0 0 (5) = p5p5, p5 = (5, 6 + 1), p5 = (5, 6 − 1).

On the other hand (7) and (11) are prime in o. The norms of the ideals are also given by the theorem:

0 N(p2) = 2,N(p3) = 3,N(p5) = N(p5) = 5,N((7)) = 49,N((11)) = 121.

√ √ 3 3 167 Example Let k = Q( 2). We’ve already shown that ok = Z[ 2], so we can apply the theorem. The minimal polynomial is m(X) = X3 − 2. To factorize this modulo primes p, we make a table of values of m:

√ Table 2: Maximal ideals in Z[ 3 2]

X X3 − 2 0 −2 X3 − 2 ≡ X3 mod 2 1 −1 3 −1 −3 ≡ (X + 1) mod 3 2 6 ≡ (X + 2)(X2 + 3X + 4) mod 5 −2 −10 3 25 irreducible mod7 −3 −29 √ 3 3 (2) = p2, p2 = (2, 2), Np2 = 2 √ 3 3 (3) = p3, p2 = (3, 2 + 1), Np3 = 3 √ 3 (5) = p5p25, p5 = (5, 2 + 2), Np5 = 5 ³ √ √ ´ 3 2 3 p25 = 5, 2 + 3 2 + 4 , Np25 = 25, (7) is maximal N((7)) = 73.

Note that the factor X2 + 3X + 4 is irreducible modulo 5, because b2 − 4ac ≡ 3 mod 5, and 3 is not a square modulo 5.

51 Lecture 21

4.6 Factorizing Ideals into Maximal Ideals We are now able to factorize an ideal I of o into maximal ideals:

• Calculate N(I) and factorize it into primes.

• For each prime p dividing N(I), factorize (p) into maximal ideals of o; • Write down all ideals whose norm is equal to the norm of I (this is a finite list);

• To find out which factorization is correct, us the principle: p|I iff the generators of I are in p. √ √ 168 Example Again let k = Q( 6) as above. We’ll factorize the ideal (12 + 7 6). First note that √ N(12 + 7 6) = 144 − 6 × 49 = 144 − 294 = −150.

Therefore √ N((12 + 7 6)) = 150 = 2 × 3 × 52. However we already calculated the maximal ideals above 2, 3 and 5. Hence there are three ideals of norm 150: 2 0 02 p2p3p5, p2p3p5p5, p2p3p5 . √ √ 0 0 Since p5p5 = (5), and 12 + 7 6 is not√ a multiple of√ 5, is follows that (12 + 7 √6) 6= p2p3p5p5. We are left with two possibilities. Since 12 + 7 6 = 5 + 7(1 + 6), it follows that 12 + 7 6 ∈ p5. Hence √ 2 (12 + 7 6) = p2p3p5.

4.7 The Class Group

169 Definition Let Ik be the group of non-zero ideals of k, and let Pk be the subgroup o principal fractional ideals. The class group of k is defined by

Clk = Ik/Pk.

Obviously if the class group is trivial then ok is a principal ideal domain and has unique factorization of elements. Therefore the size of the class group tells us how far ok is from bein a principal ideal domain.

170 Theorem Clk is finite. The proof requires the following:

52 171 Key Lemma There is a constant c defending only on k such that for any non-zero ideal I there is a non-zero x ∈ I satisfying µ ¶ 2 s p |N(x)| ≤ |∆ |N(I). π k

The lemma will be proved later. Proof of the theorem. Let I be any fractional ideal. There is an n ∈ N such that nI ⊂ o. In other words (n)I is an ideal. This shows that every ideal class contains an ideal. Now let J be an ideal in the class of I−1. By the lemma there is a non-zero x ∈ J with N(x) ≤ cN(J). Since x ∈ J it follows that J|(x). I.e. (x) = JJ 0 for some ideal J 0. Since JJ 0 is a principal ideal, J 0 is in the same class as I. We have

cN(J) ≥ |N(x)| = N((x)) = N(J)N(J 0).

Therefore N(J 0) ≤ c. We’ve shown that every ideal class contains an ideal with norm ≤ c. As there are only finitely many ideals with any given norm, it follows that there are only finitely many ideal classes. 2

4.8 The Minkowski constant

In fact, the proof that Clk is finite shows that every ideal class contains an ideal with norm ≤ c. Therefore, to calculate the class group, we simply find all the ideals with norm ≤ c and determine which of these are in the same class as each other. To do this we will need to know what the constant c is (this is known as the Minkowski constant). Recall that we have field embeddings σ1, . . . , σd : k ,→ C. We shall call one of these embeddings real if σi(k) ⊆ R. Otherwise we shall call the embedding complex. If σi is a complex embedding then its complex conjugateσ ¯i is another complex embedding, so the complex embeddings come in pairs. Let r be the number or real embeddings and s the number of pairs of complex embeddings. Thus d = r + 2s. Note that if k = Q(α) then σi is real if and only if σi(α) ∈ R. Hence r is the number of real roots of the minimal polynomial of α, and s is the number of complex conjugate pairs of roots, which are not real. With this notation, the constant c in the key lemma is given by µ ¶ 2 s p c = |∆|, π

where ∆ is the discriminant of an integral basis. We can now use this to calculate a few class groups.

172 Example k = Q(i) has trivial class group.

√ 173 Example k = Q( 6) has trivial class group.

53 Lecture 22

4.9 Geometry of numbers and Minkowski’s Lemma Let V = Rd and let B be a basis for V (over R). We define the lattice spanned by B to be

L = spanZB. We also define the fundamental cell of B by nX o P = xibi : 0 ≤ xi < 1 .

Note that vol(P) = | det(b1 . . . bd)|. Note that V is the disjoint union of the translations of P by lattice points: [ V = P + l. l∈L In other words P is a set of representatives for the cosets of L is V , i.e. every vector may be written uniquely in the form v = l + p with l ∈ L and p ∈ P. We define a function pr : V → P by pr(v) = p.

174 Lemma Let U ⊂ V be a subset with a volume, and suppose that vol(U) > vol(P). Then there are two points v, w ∈ U with v 6= w and v − w ∈ L. Actually, to make the proof rigorous, we need to know exactly what we mean by “volume”. This would involve going into measure theory, which is not part of the course. Instead we’ll just give a sketch proof. Proof. Suppose that two such points do not exist, so the restriction of pr to U is injective. The set U may be written as a disjoint union: [ U = Ul, l∈L

where Ul = U ∩(P +l). Clearly on the sets Ul, the map pr is given by pr(v) = v−l. Hence pr(Ul) = Ul −l. Since pr is injective on U, the sets Ul − l are disjoint. It follows that X X ³[ ´ vol(U) = vol(Ul) = vol(Ul − l) = vol (Ul − l) ≤ vol(P).

2

175 Definition A subset U ⊂ V is convex if for any two points u, v ∈ U and any λ ∈ [0, 1] the point λu + (1 − λ)v is also in U.

176 Definition A subset U ⊂ V is symmetric if for any point u ∈ U we also have −u ∈ U.

177 Minkowski’s Lemma Let U ⊆ V be convex and symmetric and suppose vol(U) > 2dvol(P). Then there is a non-zero point of L in U.

Proof. We have vol(U) > vol(2P) so by the previous lemma there are two distinct points v, w ∈ U such that v − w ∈ 2L. Since U is symmetric, we have −w ∈ U. Since U is convex we have (v − w)/2 ∈ U. On the other hand (v − w)/2 is a non-zero point of L. 2

54 Lecture 23

4.10 The Minkowski Space The idea is to use Minkowski’s Lemma to prove the key lemma. The ideal will be a lattice in a real vector space k∞ and all points in the set U will have small norm. Recall that we have field embeddings σ1, . . . , σd. We shall reorder these so that σ1, . . . , σr are real and σr+1, . . . , σr+2s are complex, with σr+s+i =σ ¯r+i. We define the d-dimensional real vector space k∞ by r s k∞ = R ⊕ C .

There is an embedding σ : k → k∞ defined by   σ1(x)  .  σ(x) =  .  . σr+s(x)

Since each field embedding is injective, σ is also injective.

178 Messy Lemma If B is a basis of k over Q then σ(B) is a basis for k∞ over R; furthermore the fundamental cell has volume p vol(P) = 2−s |∆B|.

Proof. It is sufficient to show that the volume of P is given by the formula, since if σB were not a basis, then this volume would be zero. The volume is given by: ¯  ¯ ¯ ¯ ¯ σ1(b1) . . . σ1(bd) ¯ ¯  . . ¯ ¯  . . ¯ ¯  . . ¯ ¯  ¯ ¯  σr(b1) . . . σr(bd) ¯ ¯  ¯ ¯ <σr+1(b1) ... <σr+1(bd)¯ vol(P) = ¯det  ¯ . ¯ =σr+1(b1) ... =σr+1(bd)¯ ¯  ¯ ¯  . . ¯ ¯  . . ¯ ¯  ¯ ¯ <σr+s(b1) ... <σr+s(bd) ¯ ¯ ¯ =σr+s(b1) ... =σr+s(bd)

Adding i×row(r + 2a) to row(r + 2a − 1) for a = 1, . . . s we obtain: ¯  ¯ ¯ ¯ ¯ σ1(b1) . . . σ1(bd) ¯ ¯  . . ¯ ¯  . . ¯ ¯  . . ¯ ¯  ¯ ¯  σr(b1) . . . σr(bd) ¯ ¯  ¯ ¯  σr+1(b1) . . . σr+1(bd) ¯ vol(P) = ¯det  ¯ . ¯ =σr+1(b1) ... =σr+1(bd)¯ ¯  ¯ ¯  . . ¯ ¯  . . ¯ ¯  ¯ ¯ σr+s(b1) . . . σr+s(bd) ¯ ¯ ¯ =σr+s(b1) ... =σr+s(bd)

55 Multiplying rows r + 2a by -2 we obtain: ¯  ¯ ¯ ¯ ¯ σ1(b1) . . . σ1(bd) ¯ ¯  . . ¯ ¯  . . ¯ ¯  . . ¯ ¯  ¯ ¯  σr(b1) . . . σr(bd) ¯ ¯  ¯ −s ¯  σr+1(b1) . . . σr+1(bd) ¯ vol(P) = 2 ¯det  ¯ . ¯ −2=σr+1(b1) ... −2=σr+1(bd)¯ ¯  ¯ ¯  . . ¯ ¯  . . ¯ ¯  ¯ ¯ σr+s(b1) . . . σr+s(bd) ¯ ¯ ¯ −2=σr+s(b1) ... −2=σr+s(bd) Subtracting rows r + 2a − 1 from rows r + 2a we obtain: ¯  ¯ ¯ ¯ ¯ σ1(b1) . . . σ1(bd) ¯ ¯  . . ¯ ¯  . . ¯ ¯  . . ¯ ¯  ¯ ¯  σr(b1) . . . σr(bd) ¯ ¯  ¯ −s ¯ σr+1(b1) . . . σr+1(bd)¯ vol(P) = 2 ¯det  ¯ . ¯ σ¯r+1(b1) ... σ¯r+1(bd)¯ ¯  ¯ ¯  . . ¯ ¯  . . ¯ ¯  ¯ ¯ σr+s(b1) . . . σr+s(bd) ¯ ¯ ¯ σ¯r+s(b1) ... σ¯r+s(bd) Reordering the rows we have: ¯  ¯ ¯ ¯ ¯ σ1(b1) . . . σ1(bd) ¯ ¯  . . ¯ p vol(P) = 2−s ¯det  . . ¯ = 2−s |∆(B)|. ¯ . . ¯ ¯ ¯ σd(b1) . . . σd(bd) 2

179 Key Lemma Let I be a non-zero ideal of ok. Then there is a non-zero element x ∈ I such that µ ¶ 2 s p |N(x)| ≤ |∆|N(I), π where ∆ is the discriminant of an integral basis.

Proof. Let B be a basis such that I = spanZB. p q −s ∆B Note that σ(I) is a lattice in k∞ with covolume 2 |∆B|. Recall that N(I) = ∆ . Hence the covolume is p −s vol(k∞/σ(I)) = 2 |∆|N(I).

For any a > 0 consider the following subset of k∞:     x1   .  Ua =  .  : |xi| < a .   xr+s

The set Ua is clearly symmetric and convex. Its volume is given by

r 2 s r s d vol(Ua) = (2a) (πa ) = 2 π a . 56 On the other hand if σ(x) ∈ Ua then for every field embedding we have |σi(x)| < a, which implies

N(x) < ad.

We can apply Minkowski’s Lemma with σ(I) and Ua as long as p 2rπsad > 2d2−s |∆|N(I).

This reduces to ad > cN(I). ¡ ¢ p 2 s where c = π |∆|. As longs as a satisfies this inequality, there is a non-zero element x ∈ I such that d σ(x) ∈ Ua, and hence N(x) < a . We’ve shown that for any b > cN(I), there is a non-zero x ∈ I with |N(x)| < b. Now suppose

N = min{|N(x)| : x ∈ I \{0}}.

The minimum is attained since N(x) takes integer values. Clearly N < b for all b > cN(I) and hence N ≤ cN(I). 2

This finishes the proof¡ ¢ thatp the class group is finite, and proves also that every ideal class contains an 2 s ideal whose norm is ≤ π |∆|.

57 Lecture 24

4.11 Calculating class groups imaginary quadratic fields

58 Lecture 25 real quadratic fields

59 Lecture 26 cubic fields

60 Lecture 27

4.12 Dirichlet’s Unit Theorem We define a logarithmic map   log |σ1(x)| × r+s  .  Log : k → R , Log(x) =  .  . log |σr+s(x)|

Clearly we have for x, y ∈ k, Log(xy) = Log(x) + Log(y).

180 Proposition ker Log is the subgroup of roots of unity in k.

Proof. Suppose x ∈ ker Log. This implies that |σi(x)| = 1 for all field embeddings σi. 2

Now define a subspace n X o r+s r+s (R )0 = (vi) ∈ R : vi = 0 .

× r+s 181 Proposition Log(o ) is a lattice in the subspace (R )0.

61